Legal issues arising from the RIAA's lawsuits of intimidation brought against ordinary working people, and other important internet law issues. Provided by Ray Beckerman, P.C.

Thursday, December 01, 2005

Oklahoma Woman Fights Back Against RIAA

We have just learned of another case, this one in Oklahoma City, Oklahoma, where a defendant is fighting back against the RIAA.

The name of the case is Capitol Records v. Foster.

There the defendant has filed counterclaims for a declaratory judgment of non-infringement, and for "prima facie tort" under Oklahoma law. The judge dismissed the counterclaim for "prima facie tort" but has left standing the counterclaim for a declaratory judgment.

During the period Ms. Foster was accused of being a copyright infringer she did not even have a working computer.

45 comments:

Why does that sound suspicious? I have three computers at home, of which 2 don't work. I finally was able to purchase a new one 6 months after the last one fried a power supply. So for a six months I had two inoperative computers at home.

Perhaps it was the ex-husband or a child of theirs. Where else is the user name fflygirl11 used? However, just because the userid is used on other systems doesn't mean that it was created by the same person. Someone could have framed the defendant just to cause grief or to get back.

It doesnt work like that. The RIAA intercepts your IP address when it downloads songs from the uploader. In this instance, she must have had some kind of P2P application. I notice the article doesn't mention whether she had ever used any kind of file-sharing application...

2nd Anonymous....But you still had one operating computer. I'm sure if all three of you computers went down, you would have made more an effort to fix the one.

Also, I'll admit I make up some strange userid's that might make the person not think it could be me. Why wouldn't some woman use fflygirl11? If that was her userid? Maybe she thinks she's fly. Now if she spelt girl, grl, i would think maybe more of a kid...but it does sound awfully convenient to me that she did not have an operating computer, but had a computer.

If she had internet access and one of those wireless router modems that default your wlan to an open connection that could have been used by a neighbor or any passerby. I know the one my ISP gives me does that.

the time frame at which ISPs were supplying wireless routers is irrelevant. Anyone can purchase a wireless router, it's not a service that's offered by your ISP.

Just as a note on someone else using her wireless... If someone breaks in to your home and performs some illegal activity, your responsible? That may be an appropriate question, depending on whether she secured her wireless or not. The law is murky there.

Of course, all of this supposition assumes that Media Sentry, which is being paid a bounty for IP addresses, isn't simply producing Kazaa screen captures with random IP addresses inserted using Photoshop.

From what I've read, that's pretty much the only evidence the RIAA is bringing to these things.

It doesn't matter whether her computer was working or not. If she says it wasn't, the court will have to take her word for it. The burden of proof lies in the RIAA's hands. They will have to demonstrate that she (and only she, since she's the only one named in the lawsuit) willingly used her computer and internet access to propagate their content over the Internet.

Since this is nearly impossible short of the RIAA having a video of her performing the act, they have no case.

Just as a note on someone else using her wireless... If someone breaks in to your home and performs some illegal activity, your responsible? That may be an appropriate question, depending on whether she secured her wireless or not. The law is murky there.

Breaking into a home is different than receiving a NON ENCRYPTED SIGNAL

from: U.S. Code : Title 18 : Section 2511

Section 2511(g)(i) provides that:

It shall not be unlawful under this chapter or chapter 121 of this title for any person -(i)to intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public;

A transmission that is not scrambled or encrypted is by definition "readily accessible to the general public". If WEP or other encryption are not used on a Wi-Fi network, therefore, ECPA does not apply.

Lesson: If you dont want to be held accountable for what goes on on your network secure your freaking AP!

Lawyers still have yet to learn one thing... IP addresses and MAC addresses mean NOTHING. Right now I am using a spoofed MAC address and Privoxy to change my IP. There is absolutely NO reason to allow an IP address or MAC address to serve as evidence in a court of law. They are 100% MEANINGLESS.

Anonymous said... Lawyers still have yet to learn one thing... IP addresses and MAC addresses mean NOTHING. Right now I am using a spoofed MAC address and Privoxy to change my IP. There is absolutely NO reason to allow an IP address or MAC address to serve as evidence in a court of law. They are 100% MEANINGLESS.

Would you mind explaining how to do that? Perhaps give a hyperlink if you can privide one. Thanks.

I'm not the person who posted the bit about using Privoxy and spoofing their MAC address but I would like to help out so here's what info I can provide:

Spoofing your MAC address is pretty simple on some systems, MAC OS X (Panther, which is 10.3.* and Tiger 10.4.*, I don't know about versions prior to Panther) lets you change your MAC address from the network preferences panel under Ethernet, you don't even need any special software to do this.

On Windows you can get software utilities that let you spoof your MAC address, for example Mac MakeUp is the first result I got when I searched Google for 'spoof mac address windows xp'. That program will let you change your MAC address on any Windows 2000/XP or Server 2003 computer. There should be utilities for 95/98 & ME as well.

On Linux you can do this in the config files, you just need to search for the info on how, same as above.

As far as I can tell you can't completely mask your IP with Privoxy, according to this FAQ item on Privoxy's site you can configure Privoxy to use a anonymous proxy to route your info through, that would have the IP of the proxy, not your home PC, show up on any computers you connect to. That item mentions that most of the well known anonymous proxies will log your IP and provide it to authorities if you commit a crime, but with all the virii and worms nowadays that install open proxies on compromised PCs, with a little work you could find some of those and run Privoxy through them. That would make it look like the person who owned the comprised PC was the originator of all the traffic from your machine, and could be a defense.

I doubt I would qualify as an expert witness (although I do IT work for a living and do concentrate a lot on security) but an IP address alone doesn't mean much for people who connect through an ISP. Accounts can be stolen (the ISP account that is), machines compromised by virii, worms and trojans that install open proxies, or leave the machine open to further compromise that does install them, even spyware and malware can leave a system in a state where it's nearly impossible to say if the network traffic really originated from the owner of the PC. Convincing the court of this will need someone with the proper credentials though, all I can do is point you to info I know about and/or can find that you ask about. I am really good at finding info online though. :)

I think the case sounds pretty shady from the defendant's side, but, yes, it is up to the RIAA to prove the file sharing.

I wasn't pleased to see some of the comments made by the defence in the Response to motion to dismiss counterclaims though- saying that the plantiff should lose their rights because the data wasn't further secured? That's stupid, it goes against what someone looking for an open system of music should be fighting for. But alas.

Poster above who talked about spoofing IP addresses and MAC addresses- if the RIAA has your IP address, then it should be your responsbility. I can't just choose an IP address at random and spoof it across the world, ISPs aren't stupid, and neither is their equipment configuration. The only way to do said 'spoofing' is indeed with a proxy (it isn't really spoofing); but if the RIAA has the defendant's IP address, and Cox confirms that the IP address was in use by this customer at this time, then it was definately their account. What the RIAA have a harder time proving, perhaps, is that it was her "box" or even her residence on which the alleged copyright infringement occured.

if the RIAA has your IP address, then it should be your responsbility.

Again, this assumes that the RIAA is making claims in good faith. As the recent Sony rootkit fiasco indicates, this may not be the case. It would seem RIAA constituent companies feel they don't have to follow the rules, and if randomly generating IP addresses to sue is good for PR (and their pocketbooks), then I wouldn't be too sure they wouldn't do it.

Poster above who talked about spoofing IP addresses and MAC addresses- if the RIAA has your IP address, then it should be your responsbility.

Think about this for a minute, it's not always true. If your computer gets compromised by a zero-day exploit for which there is no patch and you are unaware of it, how can you realistically blame them when someone else runs their P2P app through a proxy they (or someone else) set up on the machine? I'm not saying this happens a lot, or hell, even ever, but the fact is it's possible and it calls into question the validity of only using an IP as identifying information. The RIAA needs more than just that IP to prove that it was indeed the person who had the ISP account for that IP at the time doing the sharing.

Think about the above scenario with the zero-day exploit and all that. Let's say it's your PC and you never realized anything was wrong. Suddenly you're named in a lawsuit by the RIAA claiming you shared music you've never even owned or listened to, much less shared. In this scenario the files never resided on the PC in question, they were routed through it, at best bits and pieces of the files will be found in the slack space of the hard drive, but it's unlikely the full song could be found even if the PC was examined right after the file transferred.

Still think that person is legally responsible? Their only crime was stupidity when it comes to computers, and with all the security holes that Windows/IE/Outlook/Outlook Express have it's hard for even the IT people to keep up (hell I know I can't keep up with them all and it's part of my job). I know enough to prevent that scenario from happening, using a NAT Router for my home network, keeping my machines up to date, with anti-virus and things like Spybot Search & Destroy's Teatimer running to watch for modifications. I also don't use Outlook or Outlook Express, try to use Firefox instead of IE when possible and am careful where I go. But my ability to do all that takes an extroidinary amount of knowledge just to know WHAT to do to protect my system. There's no way the vast majority of people have this knowledge and most of the lawsuits we've heard about (where people are fighting back) the people most certainly don't.

The bottom line is that for the purpose of a lawsuit an IP is not absolute, that IP could have served as a proxy for another machine to do the downloading. The RIAA needs more proof than this, and the court needs to understand this.

You have to remember though, the Plaintiffs are not trying to just sue using only the IP... all they need is to have enough information to go to trial. Then before trial during discovery, they will get the "box" that was at Defendant's house and any other physical evidence they can get. Furthermore, if your account is being used by someone you know to perform illegal tasks, you have a responsibility to stop it, granted you had a reasonable knowledge that something was going on. Of course, it's hard to prove reasonable knowledge, but if Defendant was married to the actual "perp" then it doesn't look good. Of course, the plaintiff has the burden of proof for all this however this case is not a criminal case and the burden of proof is not nearly as high for plaintiffs here. The moral is that if you are not going to use the internet in your house, don't sign the account! Anyway, just remember, all the "facts" and "proof" will be decided at trial (if this case gets there)

Keep in mind that the Sony root kit potentially allows hackers to use the computer as a gateway.

It's funny to hear such comments as, "one should secure their network" when applied to the real world. Sure, I know how to do that and that's all well and good. However, my 75 year old mother would have absolutely no clue as to what I would be talking about.

Anyway, sometimes it's one's choice to allow their network to remain open - I do. If a neighbor of mine has a network that goes down, I'm perfectly fine with them using my bandwidth, just as I'd be fine with giving them a cup of sugar.

I've been reading a lot of the depositions and what-nots (sorry, I don't know what the legal terms for all these documents are). One BIG question that is unanswered is hot exactly does the RIAA get these IP addresses? it's not like Kazaa or any of these programs show the IP's of anyone you're uploading to or downloading from. This is a question very few people are asking. They are assuming that the RIAA has legitimate IP addresses of downloaders. This is a giant game of poker and we have to call their hand. they are bluffing (as evidenced by the high rate of false accusations: eg. dead grandmas, people that don't own computers, people that use operating systems for which Kazaa doesn't offer a version, like Macs...)

MediaSentry saying that they use "proprietary" tools developed specially for the purpose doesn't cut it. Where the hell is the RIAA getting these IP addresses from? Nothing in these p2p clients show the IP. Only the username.. Unless we're talking about spyware and trojans that the RIAA and their goons are planting on people's computers to spy on them. (ahem.. Sony and their XCP crap being only 1 recent and highly publicized example).

MediaSentry saying that they use "proprietary" tools developed specially for the purpose doesn't cut it. Where the hell is the RIAA getting these IP addresses from? Nothing in these p2p clients show the IP. Only the username...

All you have to do is "browse host" in Limewire to see the IP address of the computer holding the audio/video/whatever file...I've used plenty of p2p apps over the years, and most have this ability.

I think that an unencrypted router ip is much like a neighbors water hose. If it is spilling water out to your property, go ahead and route it to your own lawn if you want. Just don't go turn it on - yourself.

Regardless of guilt or innocence, Thee RIAA $150,000 fine for one track of one CD seems a bit steep. Would you get a $150,000 fine if you stole a 99 cent king size candy bar? I use 99 cents as this is the going price for a audio track. I thought it couldn't get any worse, and I was wrong. I recently read about some sony suit complaining that a picture of a kid dressed as the cookie monster on halloween infringed on the Seasame Street copyright. Todays letters are F and U.

Oh, forgot. To anyone that says to use WEP encryption (what most people seem to use). It's pretty well known that if someone knows what they're doing, WEP cracking takes as much time as lockpicking. But that doesn't matter, because most people don't even know how to use that crappy excuse for security. They shouldn't be held liable for fraudulent use. If someone steals a gun and robs a bank, the gun owner didn't commit a crime, the thief did. No one comes at the guy who had his pistol stolen as he didn't break any law. By the same logic a carjacking victim could be sued by whoever the attacker ran into (or over).

The problem with what is going on is that the court system allows one party to sue another for anything. As long as I could afford to do so, I could sue my neighbor for having a bigger house than me. The problem my neighbor runs into is that the court system will not simply drop the case by itself, he is going to have to find a lawyer and file to have to case thrown out. What the RIAA is doing is just sueing everyone using their IP alone, and counting on the fact that most of the people were trading music and cant afford what will happen if they fight it and lose. So what happens is everyone just gives in because they do not have the time and money that the RIAA can afford to put into the fight.

All you have to do is "browse host" in Limewire to see the IP address of the computer holding the audio/video/whatever file...I've used plenty of p2p apps over the years, and most have this ability.

most of these cases are dealing with Kazaa, or Grokster, not LimeWire. I use BitTorrent clients and IP addresses of peers are out in the open. I now have Kazaa installed on a test machine (note to others: DO NOT EVER do this to a machine you intend to keep in nice working order). Kazaa does not show IP addresses.

I still don't have an answer as to where MediaSentry is getting these IP's, Apparently, no one does.

I still don't have an answer as to where MediaSentry is getting these IP's, Apparently, no one does.

Just because kazaa doesn't show them, doesn't mean an auxiliary program running alongside kazaa, or even a simple bit of added code to kazaa, can't. The fact Limewire (and I'm pretty sure Ares & Shareazaa) can show IP's clearly indicates it's not a difficult thing to obtain.

I wonder if the 'proprietary software' being use is 'legal' or a honeypot version of kazaa that is modified to snag IP addresses, etc when people download from it. If so, wouldn't that be entrapment on the part of RIAA?

ok how to find someones ip whe you download from them this is fairly easy and anyone could do it. open a msdos prompt (start -> run -> cmd) type netstat you will get a list of all your current connections. start a download. type netstat again. the extra ip(s) are the ips of the client you are downloading from.

media sentry i believe uses a different approach by conencting a bot to the kazaa network they harvest search results on popular files, which (invisible to the user) also return an ip address so that a connection can be made if you choose to download something. This gives them a list of ips sharing a file which matches the search criteria.

It seems that many of the comments here concern unauthorized usage of a wireless connection (via someone's wireless home network).As suggested by other commentors, securing your network is an excellent idea and the way to go. However, an unsecured wireless signal is NOT just up for grabs. While you are allowed to recieve an open, unencrypted signal, you are not necessarily allowed to make use of that signal for two way communication. In other words, while you are allowed to recieve signals like police radio communications, you are not allowed to "talk back" to the police. An open, unencrypted wireless home network signal is considered to be similar. Those who do make use of the open signal for two way communication (without prior authorization) are subject to charges of unauthorized use (of a computer or network), theft of services, and computer trespass should they be caught using that signal.

Just because kazaa doesn't show them, doesn't mean an auxiliary program running alongside kazaa, or even a simple bit of added code to kazaa, can't. The fact Limewire (and I'm pretty sure Ares & Shareazaa) can show IP's clearly indicates it's not a difficult thing to obtain.

in response to this posti know for a fact that shareaza does show ip addresses in the search screens

What I think the RIAA does is seach Kazaa for popular songs. When the find one they see if they can download it. While they're downloading it they run an aux program that tells them what IP address they are connected to. Kazaa might not show what IP address your downloading from, but an aux program could be programmed to find out.

Next time you're running P2P software, go to Start|Run and then type in command. Then type in netstat. You'll see a list of every computer connected to you. From there it's not hard to find an IP address.

Concealing IP address is easy enough. check out tor.eff.org. Use that in combination with privoxy, turn off active x, java, javascript and flash... poof, you have an anonymous connection that is not traceable.

Note, while Tor CAN be used for all sorts of things besides just browsers and has been used for p2p apps, users will find that downloading through Tor takes longer. A small price to pay for the anonymity.

Also, setting up a Tor server is easy and allows people to contribute bandwidth to the Tor network and improve its performancee and anonymity. (the more servers, the better it works)

I am a business lawyer in New York City, practicing at Ray Beckerman, P.C.. The purpose of this site is to collect and share information about the wave of sham "copyright infringement" lawsuits started by four large record companies, and other areas of concern to digital online copyright law, and to internet law in general. -Ray Beckermanbeckermanlegal.com(Attorney Advertising)

"[T]he Court is concerned about the lack of facts establishing that Defendant was using that IP address at that particular time. Indeed, the [complaint] does not explain what link, if any, there is between Defendant and the IP address. It is possible that Plaintiff sued Defendant because he is the subscriber to IP address .... As recognized by many courts, just because an IP address is registered to an individual does not mean that he or she is guilty of infringement when that IP address is used to commit infringing activity." -Hon. Barry Ted Moskowitz, Chief Judge, S.D. California. January 29, 2013, AF Holdings v. Rogers"The complaints assert that the defendants – identified only by IP address – were the individuals who downloaded the subject “work” and participated in the BitTorrent swarm. However, the assumption that the person who pays for Internet access at a given location is the same individual who allegedly downloaded a single sexually explicit film is tenuous, and one that has grown more so over time." - Hon. Gary R. Brown, Magistrate Judge, E.D.N.Y. May 1, 2012, K-Beech v. Does 1-37"The concern of this Court is that in these lawsuits, potentially meritorious legal and factual defenses are not being litigated, and instead, the federal judiciary is being used as a hammer by a small group of plaintiffs to pound settlements out of unrepresented defendants."-Hon. S. James Otero, Dist. Judge, Central Dist. California, March 2, 2007, Elektra v. O'Brien, 2007 ILRWeb (P&F) 1555"The University has adequately demonstrated that it is not able to identify the alleged infringers with a reasonable degree of technical certainty...[C]ompliance with the subpoena as to the IP addresses represented by these Defendants would expose innocent parties to intrusive discovery....[T]he Court declines to authorize discovery and quashes the subpoena as to Does # 8, 9, and 14" -Hon. Nancy Gertner, Dist. Judge, Dist. Massachusetts, November 24, 2008, London-Sire Records v. Does 1-4"[C]ounsel representing the record companies have an ethical obligation to fully understand that they are fighting people without lawyers... that the formalities of this are basically bankrupting people, and it's terribly critical that you stop it...." -Hon. Nancy Gertner, Dist. Judge, Dist. Massachusetts, June 17, 2008, London-Sire v. Does 1-4"Rule 11(b)(3) requires that a representation in a pleading have evidentiary support and one wonders if the Plaintiffs are intentionally flouting that requirement in order to make their discovery efforts more convenient or to avoid paying the proper filing fees. In my view, the Court would be well within its power to direct the Plaintiffs to show cause why they have not violated Rule 11(b) with their allegations respecting joinder. [I]t is difficult to ignore the kind of gamesmanship that is going on here.....These plaintiffs have devised a clever scheme... to obtain court-authorized discovery prior to the service of complaints, but it troubles me that they do so with impunity and at the expense of the requirements of Rule 11(b)(3) because they have no good faith evidentiary basis to believe the cases should be joined." -Hon. Margaret J. Kravchuk, Magistrate Judge, District of Maine, January 25, 2008, Arista v. Does 1-27, 2008 WL 222283, modified Oct. 29, 2008"[N]either the parties' submissions nor the Court's own research has revealed any case holding the mere owner of an internet account contributorily or vicariously liable for the infringing activities of third persons.....In addition to the weakness of the secondary copyright infringement claims against Ms. Foster, there is a question of the plaintiffs' motivations in pursuing them..... [T]here is an appearance that the plaintiffs initiated the secondary infringement claims to press Ms. Foster into settlement after they had ceased to believe she was a direct or "primary" infringer." -Hon. Lee R. West, District Judge, Western District of Oklahoma, February 6, 2007, Capitol v. Foster, 2007 WL 1028532"[A]n overwhelming majority of cases brought by recording companies against individuals are resolved without so much as an appearance by the defendant, usually through default judgment or stipulated dismissal.....The Defendant Does cannot question the propriety of joinder if they do not set foot in the courthouse." -Hon. S. James Otero, Central District of California, August 29, 2007, SONY BMG v. Does 1-5, 2007 ILRWeb (P&F) 2535"Plaintiffs are ordered to file any future cases of this nature against one defendant at a time, and may not join defendants for their convenience."-Hon. Sam Sparks and Hon. Lee Yeakel, District Judges, Western District of Texas, November 17, 2004, Fonovisa v. Does 1-41, 2004 ILRWeb (P&F) 3053"The Court is unaware of any other authority that authorizes the ex parte subpoena requested by plaintiffs."-Hon. Walter D. Kelley, Jr., District Judge, Eastern District of Virginia, July 12, 2007, Interscope v. Does 1-7, 494 F. Supp. 2d 388, vacated on reconsideration 6/20/08"Plaintiffs contend that unless the Court allows ex parte immediate discovery, they will be irreparably harmed. While the Court does not dispute that infringement of a copyright results in harm, it requires a Coleridgian "suspension of disbelief" to accept that the harm is irreparable, especially when monetary damages can cure any alleged violation. On the other hand, the harm related to disclosure of confidential information in a student or faculty member's Internet files can be equally harmful.....Moreover, ex parte proceedings should be the exception, not the rule."-Hon. Lorenzo F. Garcia, Magistrate Judge, District of New Mexico, May 24, 2007, Capitol v. Does 1-16, 2007 WL 1893603"'Statutory damages must still bear some relation to actual damages." Hon. Michael J. Davis, Dist. Judge, U.S.District Court, Dist. Minnesota, January 22, 2010, Capitol Records v. Thomas-Rasset"[T]his court finds that defendants' use of the same ISP and P2P networks to allegedly commit copyright infringement is, without more, insufficient for permissive joinder under Rule 20. This court will sever not only the moving defendants from this action, but all other Doe defendants except Doe 2." -Hon. W. Earl Britt, District Judge, Eastern District of North Carolina, February 27, 2008, LaFace v. Does 1-38, 2008 WL 544992"[L]arge awards of statutory damages can raise due process concerns. Extending the reasoning of Gore and its progeny, a number of courts have recognized that an award of statutory damages may violate due process if the amount of the award is "out of all reasonable proportion" to the actual harm caused by a defendant's conduct.[T]hese cases are doubtlessly correct to note that a punitive and grossly excessive statutory damages award violates the Due Process Clause....."Hon. Marilyn Hall Patel, Dist. Judge, N.D. California, June 1, 2005, In re Napster, 2005 US DIST Lexis 11498, 2005 WL 1287611"[P]laintiffs can cite to no case foreclosing the applicability of the due process clause to the aggregation of minimum statutory damages proscribed under the Copyright Act. On the other hand, Lindor cites to case law and to law review articles suggesting that, in a proper case, a court may extend its current due process jurisprudence prohibiting grossly excessive punitive jury awards to prohibit the award of statutory damages mandated under the Copyright Act if they are grossly in excess of the actual damages suffered....."-Hon. David G. Trager, Senior District Judge, Eastern Dist. New York, November 9, 2006, UMG v. Lindor, 2006 U.S. Dist. LEXIS 83486, 2006 WL 3335048"'[S]tatutory damages should bear some relation to actual damages suffered'....(citations omitted) and 'cannot be divorced entirely from economic reality'". -Hon. Shira A. Scheindlin, Dist. Judge, Southern Dist. New York, August 19, 2008, Yurman v. Castaneda"The Court would be remiss if it did not take this opportunity to implore Congress to amend the Copyright Act to address liability and damages in peer to peer network cases.... The defendant is an individual, a consumer. She is not a business. She sought no profit from her acts..... [T]he damages awarded in this case are wholly disproportionate to the damages suffered by Plaintiffs." -Hon. Michael J. Davis, District Judge, Dist. Minnesota, September 24, 2008, Capitol v. Thomas"If there is an asymmetry in copyright, it is one that actually favors defendants. The successful assertion of a copyright confirms the plaintiff's possession of an exclusive, and sometimes very valuable, right, and thus gives it an incentive to spend heavily on litigation. In contrast, a successful defense against a copyright claim, when it throws the copyrighted work into the public domain, benefits all users of the public domain, not just the defendant; he obtains no exclusive right and so his incentive to spend on defense is reduced and he may be forced into an unfavorable settlement." US Court of Appeals, 7th Cir., July 9, 2008, Eagle Services Corp. v. H20 Industrial Services, Inc., 532 F.3d 620"Customers who download music and movies for free would not necessarily spend money to acquire the same product.....RIAA’s request problematically assumes that every illegal download resulted in a lost sale."-Hon. James P. Jones, Dist. Judge, Western Dist. Virginia, November 7, 2008, USA v. Dove